Join the discussion
Question 1/50
Which GRC application would you use to determine where the organization is the most vulnerable or has the most exposure?
Correct Answer: A
Add Comments
- Other Question (50q)
- Q1. Which GRC application would you use to determine where the organization is the most vulner...
- Q2. What table, along with the Policy table, is linked to the Control Objective table by a man...
- Q3. The Citation table is a child table of which parent?...
- Q4. For a particular risk assessment methodology (RAM), the control effectiveness score is cal...
- Q5. Which of the following are scoped applications related to the Risk and Compliance applicat...
- Q6. Which tables extend from the Task table? (Choose two.)...
- Q7. Which of the following are Policy Lifecycle states included in the ServiceNow baseline? (C...
- Q8. Possible regulations when Entity scoping for Healthcare: (Choose two.)...
- Q9. The SOX content pack includes a series of policies, control, risks. How are all of these c...
- Q10. For Control records, who can modify the Control in the Draft state?...
- Q11. What are the four values leveraged for the Inherent and Residual Risk Score Types?...
- Q12. You are working with your customer to determine necessary audit management workflow config...
- Q13. Which is not a type of key compliance indicator?...
- Q14. Which of the following are triggers for automatic creation of an issue? (Choose two.)...
- Q15. What would you leverage in order to provide users with an alternate user experience to vie...
- Q16. Which of the following are the classic risk score types that ServiceNow tracks? (Choose th...
- Q17. In which state can reviewers either send the Policy back to draft or forward it by request...
- Q18. An external audit team needs to view all of your published policies and controls? Which ro...
- Q19. Policies can be automatically published after which of the following occurs?...
- Q20. Where does a policy get published to when it is approved?...
- Q21. For classic risk assessment, what are the risk components that apply to the Qualitative me...
- Q22. Why would you create Entity classes?
- Q23. What table extends from Document Table?
- Q24. What types of tasks are specific to the Audit module? (Choose four.)...
- Q25. Control Failure Factor represents the impact of Control Failures on what score?...
- Q26. Jim is an Audit Manager. In addition to Audit Manager, which roles should be assigned to e...
- Q27. For classic risk assessment, while a Risk is in the Assess state, reviewers can do which o...
- Q28. Which table stored the links from Entity to Entity Types?...
- Q29. Which filter navigation syntax displays the table in list view within a separate browser t...
- Q30. Which of the following roles can create issues? (Choose three.)...
- Q31. Which tables extend the Content (sn_grc_content) table? (Choose two.)...
- Q32. What are some characteristics of the ServiceNow Store? (Choose four.)...
- Q33. There is a direct relationship between Entity Class and Entity Type when:...
- Q34. The Tablename.config:
- Q35. Which of the following statements is true of a Risk Response task?...
- Q36. As a customer reaches greater GRC maturity, what can we expect to see occurring across the...
- Q37. Who can move a Policy record from Review into the next state?...
- Q38. The Risk thresholds in the Risk Criteria Matrix (default values) do not line up with compa...
- Q39. Which table stores the links from the Entity Type to Risk Statement?...
- Q40. Which of the following statements correctly describe the risk management lifecycle process...
- Q41. When reviewing the Control Objective Table form with your customer, what are the most comm...
- Q42. Which tables extend the Content (sn_grc_content) table? (Choose two.)...
- Q43. You are working with your customer to determine necessary audit management workflow config...
- Q44. What happens when you assign an Entity Type to a Risk Statement?...
- Q45. Which table stores the links from Policy to Control Objective?...
- Q46. Which GRC tables serve as primary parent tables for the GRC applications? (Choose three.)...
- Q47. Risk criteria typically include definitions of different levels of what? (Choose two.)...
- Q48. Control indicators may be triggered or scheduled in which state?...
- Q49. Annualized Loss Expectancy is a feature of which risk score method?...
- Q50. What GRC module would you access in order to update Entity Types?...
